Napolitano: Cybersecurity issues remain unresolved

By Chris Strohm

August 4, 2009

Homeland Security Secretary Napolitano acknowledged on Tuesday that her department is still exploring how best to coordinate the government's response to cybersecurity threats, saying several critical issues remain unresolved, such as how to interact with the Defense Department and work with private companies.

"We need to be looking at [cybersecurity] not from a traditional standpoint of how we do law and order, but how we need to do it in a new and evolving world," Napolitano said during the keynote speech at a cybersecurity conference hosted by the Secret Service.

"We need to be thinking outside our traditional boxes. We need to be thinking ahead," Napolitano said, adding that her department was not properly organized to deal with cybersecurity when she took it over in January. "We need to be recruiting and training investigators who only do this kind of work. That is where we are headed within the Department of Homeland Security and, indeed, within the United States Secret Service."

She said the Obama administration is working through how the department will interact with the Pentagon's new cyber command.

"I'm going to be open to suggestions about how best we do that," she said. "The obvious Washington way is to have some sort of joint committee or joint liaisons where some people, perhaps, are located on each side. But there may be better ways and if you have a suggestion I'm open to them but those are the kind of things we're looking at."

At one point, she solicited recommendations on the issue from a conference attendee. The attendee said the best way to interact would probably be an integrated center. "That's what we're looking at," Napolitano said.

But she quickly noted privacy concerns created by having the military involved in protecting U.S. civilian networks.

"That's why I haven't really come to a conclusion about how do we share without raising the specter that the Department of Defense is somehow going to be spying on civilian computers in the United States," she said. "That's what we're working our way through."

She cited several other unresolved issues. "First of all, we need to confront how we really engage our partners. More than just having a conference, what are our actual plans for working together?" Napolitano asked. "How are we going to share intelligence from the government to the private sector and back in real time so that it is useful?"

"How are we going to grow, recruit and retain experts or cyber cops?" she added. "In other words, where are the personnel going to come from who are going to help us in this effort?"

Napolitano observed that the federal government does not have a major research and development program for civilian cybersecurity efforts. She also noted that the department is seeking public recommendations on cybersecurity efforts through the Quadrennial Homeland Security Review, which is due to Congress in December.